Skip to content

Instantly share code, notes, and snippets.

@breser
breser / remove_unused_default_vpcs.sh
Last active Feb 19, 2021
remove_unused_default_vpcs.sh
View remove_unused_default_vpcs.sh
#!/bin/bash
# Delete Default VPCs
# Deletes Default VPCs across an entire organization if there are no ENIs in
# the default VPC.
#
# Assumes that ~/.aws/credentials has credentials to the root account for the
# AWS Organization. Assumes that the user/role you're logged into in the
# root account has permissions to assume the OrganizationAccountAccessRole in
# each member account. Requires jq and aws cli be installed on the path.
@breser
breser / audit-ec2-store.sh
Created Aug 16, 2019
Audit EBS Storage for overly open permissions.
View audit-ec2-store.sh
#!/bin/bash
# Audit EBS Storage
# Looks for AWS Storage that is externally shared outside of the
# AWS Organization. This is a reaction to:
# https://www.defcon.org/html/defcon-27/dc-27-speakers.html#Morris
# https://techcrunch.com/2019/08/09/aws-ebs-cloud-backups-leak/
#
# Assumes that ~/.aws/credentials has credentials to the root account for the
# AWS Organization. Assumes that the user/role you're logged into in the
@breser
breser / gist:a9801ea9bc6c9600c49c1cbc92d508c7
Created Jun 19, 2018
DEBUG output: aws_default_subnet doesn't set map_public_ip_on_launch on first run.
View gist:a9801ea9bc6c9600c49c1cbc92d508c7
2018/06/19 12:55:52 [INFO] Terraform version: 0.11.7 41e50bd32a8825a84535e353c3674af8ce799161
2018/06/19 12:55:52 [INFO] Go runtime version: go1.10.1
2018/06/19 12:55:52 [INFO] CLI args: []string{"/Users/reserb/bin/terraform", "apply"}
2018/06/19 12:55:52 [DEBUG] Attempting to open CLI config file: /Users/reserb/.terraformrc
2018/06/19 12:55:52 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2018/06/19 12:55:52 [INFO] CLI command args: []string{"apply"}
2018/06/19 12:55:52 [INFO] command: empty terraform config, returning nil
2018/06/19 12:55:52 [DEBUG] command: no data state file found for backend config
2018/06/19 12:55:52 [DEBUG] New state was assigned lineage "c6a3495d-8bb9-c961-8b9d-d6401ab158e0"
2018/06/19 12:55:52 [INFO] command: backend initialized: <nil>